This guide will help you how to stop the XML-RPC attack into your wordpress platform. Before we start further, what is exactly this XML-RPC things? Is that important things in wordpress site?
What is XML-RPC anyway?
Okay, here it is. XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. “XML-RPC” also refers generically to the use of XML for remote procedure call, independently of the specific protocol.
WordPress uses an XML-RPC interface. WordPress has its own implementation for WordPress-specific functionality in an API called the WordPress API. This should be used when possible, and your client should use the API variants beginning with the wp prefix.
WordPress also supports the Blogger API, metaWeblog API, Movable Type API, and the Pingback API.
With WordPress XML-RPC support, you can post to your WordPress blog using many popular Weblog Clients. The XML-RPC system can be extended by WordPress Plugins to modify its behavior.
How to prevent XML-RPC attack?
There are some ways to prevent this XML-RPC. You can go to your file manager and edit manually, yes if you have basic skill about wordpress script. Luckily wordpress is very friendly feature. You just need to install plugin from it.
Search for Stop XML-RPC attack and you will find it from the list. Then you just need to install, read the manual and activate it. It just easy as 1, 2, 3.